tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git
Log | Files | Refs | README | LICENSE

commit 99581a5faab2f5dafa920879e62a8b7d23511512
parent aba0fa519110a7613b147091fb84368b84d66f84
Author: Jaromil <jaromil@dyne.org>
Date:   Sun, 23 Nov 2014 18:25:42 +0100

whitespace cleanup and correct indentation to 4 spaces (no tabs)

Diffstat:
Mtomb | 378++++++++++++++++++++++++++++++++++++++++----------------------------------------
1 file changed, 189 insertions(+), 189 deletions(-)

diff --git a/tomb b/tomb @@ -25,12 +25,12 @@ # modify it under the terms of the GNU Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. -# +# # This source code is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Please refer # to the GNU Public License for more details. -# +# # You should have received a copy of the GNU Public License along with # this source code; if not, write to: Free Software Foundation, Inc., # 675 Mass Ave, Cambridge, MA 02139, USA. @@ -176,26 +176,26 @@ _whoami() { # Get GID from option -G or the environment option_is_set -G \ - && _GID=$(option_value -G) || _GID=$(id -g $_USER) + && _GID=$(option_value -G) || _GID=$(id -g $_USER) # Get UID from option -U or the environment option_is_set -U \ - && _UID=$(option_value -U) || _UID=$(id -u $_USER) + && _UID=$(option_value -U) || _UID=$(id -u $_USER) _verbose "Identified caller: ::1 username:: (::2 UID:::::3 GID::)" $_USER $_UID $_GID # Update USERNAME accordingly if we can [[ EUID == 0 && $_USER != $USERNAME ]] && { - _verbose "Updating USERNAME from '::1 USERNAME::' to '::2 _USER::')" $USERNAME $_USER - USERNAME=$_USER + _verbose "Updating USERNAME from '::1 USERNAME::' to '::2 _USER::')" $USERNAME $_USER + USERNAME=$_USER } # Force HOME to _USER's HOME if necessary local home=$(awk -F: "/$_USER/ { print \$6 }" /etc/passwd 2>/dev/null) [[ $home == $HOME ]] || { - _verbose "Updating HOME to match user's: ::1 home:: (was ::2 HOME::)" \ - $home $HOME - HOME=$home } + _verbose "Updating HOME to match user's: ::1 home:: (was ::2 HOME::)" \ + $home $HOME + HOME=$home } # Get connecting TTY from option -T or the environment option_is_set -T && _TTY=$(option_value -T) @@ -209,7 +209,7 @@ _plot() { # We set global variables typeset -g TOMBPATH TOMBDIR TOMBFILE TOMBNAME - + TOMBPATH="$1" TOMBDIR=$(dirname $TOMBPATH) @@ -220,7 +220,7 @@ _plot() { # It can start with dots: ..foo.tomb -> ..foo TOMBNAME="${TOMBFILE%\.[^\.]*}" [[ -z $TOMBNAME ]] && { - _failure "Tomb won't work without a TOMBNAME." } + _failure "Tomb won't work without a TOMBNAME." } # Normalize tomb name TOMBFILE="$TOMBNAME.tomb" @@ -233,10 +233,10 @@ _plot() { # Provide a random filename in shared memory _tmp_create() { [[ -d "$TMPPREFIX" ]] || { - mkdir -m 777 "$TMPPREFIX" - [[ $? == 0 ]] || _failure "Fatal error creating the temporary directory: ::1 temp dir::" "$TMPPREFIX" - # we create the tempdir with the sticky bit on - chmod o+t "$TMPPREFIX" + mkdir -m 777 "$TMPPREFIX" + [[ $? == 0 ]] || _failure "Fatal error creating the temporary directory: ::1 temp dir::" "$TMPPREFIX" + # we create the tempdir with the sticky bit on + chmod o+t "$TMPPREFIX" } # We're going to add one more $RANDOM for each time someone complain @@ -247,7 +247,7 @@ _tmp_create() { _failure "Fatal error setting the permission umask for temporary files" } [[ -r "$tfile" ]] && { - _failure "Someone is messing up with us trying to hijack temporary files." } + _failure "Someone is messing up with us trying to hijack temporary files." } touch "$tfile" [[ $? == 0 ]] || { @@ -286,7 +286,7 @@ _ensure_safe_swap() { r=1 break - elif [[ "$bone" =~ "symbolic link" ]]; then + elif [[ "$bone" =~ "symbolic link" ]]; then # Might link to a block r=1 [[ "/dev/mapper" == "${s%/*}" ]] || { break } @@ -326,7 +326,7 @@ _check_swap() { return 0 ;; *) # Unencrypted swap - _failure "Operation aborted." + _failure "Operation aborted." ;; esac fi @@ -345,10 +345,10 @@ ask_password() { # Force pinentry to use a custom icon by overriding the GTK theme # temporarily. for prefix in /usr/local /usr; do - [[ -r "$prefix/$gtkrc" ]] && { - GTK2_RC="$prefix/$gtkrc" - break - } + [[ -r "$prefix/$gtkrc" ]] && { + GTK2_RC="$prefix/$gtkrc" + break + } done output=`cat <<EOF | GTK2_RC_FILES=${GTK2_RC} ${PINENTRY} 2>/dev/null | tail -n +7 @@ -499,60 +499,60 @@ dump_secrets() { # {{{ Commandline interaction usage() { -_print "Syntax: tomb [options] command [arguments]" -_print "\000" -_print "Commands:" -_print "\000" -_print " // Creation:" -_print " dig create a new empty TOMB file of size -s in MB" -_print " forge create a new KEY file and set its password" -_print " lock installs a lock on a TOMB to use it with KEY" -_print "\000" -_print " // Operations on tombs:" -_print " open open an existing TOMB" -_print " index update the search indexes of tombs" -_print " search looks for filenames matching text patterns" -_print " list list of open TOMBs and information on them" -_print " close close a specific TOMB (or 'all')" -_print " slam slam a TOMB killing all programs using it" + _print "Syntax: tomb [options] command [arguments]" + _print "\000" + _print "Commands:" + _print "\000" + _print " // Creation:" + _print " dig create a new empty TOMB file of size -s in MB" + _print " forge create a new KEY file and set its password" + _print " lock installs a lock on a TOMB to use it with KEY" + _print "\000" + _print " // Operations on tombs:" + _print " open open an existing TOMB" + _print " index update the search indexes of tombs" + _print " search looks for filenames matching text patterns" + _print " list list of open TOMBs and information on them" + _print " close close a specific TOMB (or 'all')" + _print " slam slam a TOMB killing all programs using it" [[ $RESIZER == 1 ]] && { -_print " resize resize a TOMB to a new size -s (can only grow)" + _print " resize resize a TOMB to a new size -s (can only grow)" } -_print "\000" -_print " // Operations on keys:" -_print " passwd change the password of a KEY (needs old pass)" -_print " setkey change the KEY locking a TOMB (needs old key and pass)" -_print "\000" + _print "\000" + _print " // Operations on keys:" + _print " passwd change the password of a KEY (needs old pass)" + _print " setkey change the KEY locking a TOMB (needs old key and pass)" + _print "\000" [[ $QRENCODE == 1 ]] && { -_print " // Backup on paper:" -_print " engrave makes a QR code of a KEY to be saved on paper" + _print " // Backup on paper:" + _print " engrave makes a QR code of a KEY to be saved on paper" } -_print "\000" + _print "\000" [[ $STEGHIDE == 1 ]] && { -_print " // Steganography:" -_print " bury hide a KEY inside a JPEG image (for use with -k)" -_print " exhume extract a KEY from a JPEG image (prints to stdout)" + _print " // Steganography:" + _print " bury hide a KEY inside a JPEG image (for use with -k)" + _print " exhume extract a KEY from a JPEG image (prints to stdout)" } -_print "\000" -_print "Options:" -_print "\000" -_print " -s size of the tomb file when creating/resizing one (in MB)" -_print " -k path to the key to be used ('-k -' to read from stdin)" -_print " -n don't process the hooks found in tomb" -_print " -o mount options used to open (default: rw,noatime,nodev)" -_print " -f force operation (i.e. even if swap is active)" + _print "\000" + _print "Options:" + _print "\000" + _print " -s size of the tomb file when creating/resizing one (in MB)" + _print " -k path to the key to be used ('-k -' to read from stdin)" + _print " -n don't process the hooks found in tomb" + _print " -o mount options used to open (default: rw,noatime,nodev)" + _print " -f force operation (i.e. even if swap is active)" [[ $KDF == 1 ]] && { -_print " --kdf generate passwords armored against dictionary attacks" + _print " --kdf generate passwords armored against dictionary attacks" } -_print "\000" -_print " -h print this help" -_print " -v print version, license and list of available ciphers" -_print " -q run quietly without printing informations" -_print " -D print debugging information at runtime" -_print "\000" -_print "For more informations on Tomb read the manual: man tomb" -_print "Please report bugs on <http://github.com/dyne/tomb/issues>." + _print "\000" + _print " -h print this help" + _print " -v print version, license and list of available ciphers" + _print " -q run quietly without printing informations" + _print " -D print debugging information at runtime" + _print "\000" + _print "For more informations on Tomb read the manual: man tomb" + _print "Please report bugs on <http://github.com/dyne/tomb/issues>." } @@ -692,7 +692,7 @@ _list_optional_tools() { _deps=(gettext dcfldd wipe mkfs.ext4 steghide e2fsck) _deps+=(resize2fs tomb-kdb-pbkdf2 qrencode swish-e unoconv) for d in $_deps; do - _print "`which $d`" + _print "`which $d`" done return 0 } @@ -709,7 +709,7 @@ _ensure_dependencies() { # Check for required programs for req in cryptsetup pinentry sudo gpg; do command -v $req 1>/dev/null 2>/dev/null || { - _failure "Missing required dependency ::1 command::. Please install it." $req } + _failure "Missing required dependency ::1 command::. Please install it." $req } done # Ensure system binaries are available in the PATH @@ -764,20 +764,20 @@ is_valid_key() { return 0 } [[ -z $key ]] && { - _warning "is_valid_key() called without an argument." - return 1 + _warning "is_valid_key() called without an argument." + return 1 } # If the key file is an image don't check file header [[ -r $TOMBKEYFILE ]] \ - && [[ $(file $TOMBKEYFILE) =~ "JP.G" ]] \ + && [[ $(file $TOMBKEYFILE) =~ "JP.G" ]] \ && { _message "Key is an image, it might be valid." - return 0 } + return 0 } [[ $key =~ "BEGIN PGP" ]] && { _message "Key is valid." - return 0 } + return 0 } return 1 } @@ -823,7 +823,7 @@ _load_key() { TOMBSECRET=$(cat) else _verbose "load_key argument: ::1 key file::" $keyfile - [[ -r $keyfile ]] || _failure "Key not found, specify one using -k." + [[ -r $keyfile ]] || _failure "Key not found, specify one using -k." TOMBKEYFILE=$keyfile TOMBKEY="${mapfile[$TOMBKEYFILE]}" fi @@ -882,7 +882,7 @@ gpg_decrypt() { # Gets a key file and a password, prints out the decoded contents to # be used directly by Luks as a cryptographic key get_lukskey() { -# $1 is the password + # $1 is the password _verbose "get_lukskey" _password="$1" @@ -906,7 +906,7 @@ get_lukskey() { ;; esac - # key needs to be exhumed from an image + # key needs to be exhumed from an image elif [[ -r $TOMBKEYFILE && $(file $TOMBKEYFILE) =~ "JP.G" ]]; then exhume_key $TOMBKEYFILE "$_password" @@ -939,10 +939,10 @@ ask_key_password() { for c in 1 2 3; do if [[ $c == 1 ]]; then tombpass=$(exec_as_user ${TOMBEXEC} askpass \ - "Insert password to use key: $TOMBKEYFILE") + "Insert password to use key: $TOMBKEYFILE") else tombpass=$(exec_as_user ${TOMBEXEC} askpass \ - "Insert password to use key: $TOMBKEYFILE (attempt $c)") + "Insert password to use key: $TOMBKEYFILE (attempt $c)") fi if [[ $? != 0 ]]; then _warning "User aborted password dialog." @@ -1029,8 +1029,8 @@ change_passwd() { # takes care to encrypt a key # honored options: --kdf --tomb-pwd -o gen_key() { -# $1 the password to use, if not set then ask user -# -o is the --cipher-algo to use (string taken by GnuPG) + # $1 the password to use, if not set then ask user + # -o is the --cipher-algo to use (string taken by GnuPG) local algopt="`option_value -o`" local algo="${algopt:-AES256}" # here user is prompted for key password @@ -1066,8 +1066,8 @@ gen_key() { header="" [[ $KDF == 1 ]] && { { option_is_set --kdf } && { - # KDF is a new key strenghtening technique against brute forcing - # see: https://github.com/dyne/Tomb/issues/82 + # KDF is a new key strenghtening technique against brute forcing + # see: https://github.com/dyne/Tomb/issues/82 itertime="`option_value --kdf`" # removing support of floating points because they can't be type checked well if [[ "$itertime" != <-> ]]; then @@ -1168,11 +1168,11 @@ bury_key() { | steghide embed --embedfile - --coverfile ${imagefile} \ -p $TOMBPASSWORD -z 9 -e serpent cbc if [ $? != 0 ]; then - _warning "Encoding error: steghide reports problems." - res=1 + _warning "Encoding error: steghide reports problems." + res=1 else - _success "Tomb key encoded succesfully into image ::1 image file::" $imagefile - res=0 + _success "Tomb key encoded succesfully into image ::1 image file::" $imagefile + res=0 fi return $res @@ -1188,7 +1188,7 @@ exhume_key() { local imagefile="$1" # The image file where to look for the key local tombpass="$2" # (Optional) the password to use (internal use) local destkey="$3" # (Optional) the key file where to save the - # result (- for stdout) + # result (- for stdout) local r=1 # Return code (default: fail) # Ensure the image file is a readable JPEG @@ -1201,7 +1201,7 @@ exhume_key() { # the exhumed key on stdout without further checks (internal use) [[ -n "$tombpass" ]] && { TOMBKEY=$(steghide extract -sf $imagefile -p $tombpass -xf -) - [[ $? != 0 ]] && { + [[ $? != 0 ]] && { _failure "Wrong password or no steganographic key found" } recover_key $TOMBKEY @@ -1212,16 +1212,16 @@ exhume_key() { # Ensure we have a valid destination for the key [[ -z $destkey ]] && { option_is_set -k } && destkey=$(option_value -k) [[ -z $destkey ]] && { - destkey="-" # No key was specified: fallback to stdout - _message "printing exhumed key on stdout" } + destkey="-" # No key was specified: fallback to stdout + _message "printing exhumed key on stdout" } # Bail out if destination exists, unless -f (force) was passed [[ $destkey != "-" && -s $destkey ]] && { - _warning "File exists: ::1 tomb key::" $destkey + _warning "File exists: ::1 tomb key::" $destkey { option_is_set -f } && { _warning "Use of --force selected: overwriting." rm -f $destkey - } || { + } || { _warning "Make explicit use of --force to overwrite." _failure "Refusing to overwrite file. Operation aborted." } } @@ -1231,12 +1231,12 @@ exhume_key() { tombpass=$(option_value --tomb-pwd) _verbose "tomb-pwd = ::1 tomb pass::" $tombpass } || { - [[ -n $TOMBPASSWORD ]] && tombpass=$TOMBPASSWORD + [[ -n $TOMBPASSWORD ]] && tombpass=$TOMBPASSWORD } || { tombpass=$(exec_as_user ${TOMBEXEC} askpass \ - "Insert password to exhume key from $imagefile") + "Insert password to exhume key from $imagefile") [[ $? != 0 ]] && { - _warning "User aborted password dialog." + _warning "User aborted password dialog." return 1 } } @@ -1268,9 +1268,9 @@ engrave_key() { _success "Rendering a printable QRCode for key: ::1 tomb key file::" $TOMBKEYFILE # we omit armor strings to save space awk '/^-----/ {next}; /^Version/ {next}; {print $0}' $TOMBKEYFILE \ - | qrencode --size 4 --level H --casesensitive -o $pngname + | qrencode --size 4 --level H --casesensitive -o $pngname [[ $? != 0 ]] && { - _failure "QREncode reported an error." } + _failure "QREncode reported an error." } _success "Operation successful:" # TODO: only if verbose and/or not silent @@ -1377,7 +1377,7 @@ forge_key() { [[ -n "$algopt" ]] && algo=$algopt _message "Commanded to forge key ::1 key:: with cipher algorithm ::2 algorithm::" \ - $destkey $algo + $destkey $algo TOMBKEYFILE="$destkey" # Set global variable @@ -1524,7 +1524,7 @@ lock_tomb_with_key() { _message "Done locking ::1 tomb name:: using Luks dm-crypt ::2 cipher::" $TOMBNAME $cipher _success "Your tomb is ready in ::1 tomb path:: and secured with key ::2 tomb key::" \ - $TOMBPATH $TOMBKEYFILE + $TOMBPATH $TOMBKEYFILE } @@ -1552,7 +1552,7 @@ change_tomb_key() { _failure "Not a valid LUKS encrypted volume: ::1 volume::" $TOMBPATH } _load_key $tombkey # Try loading given key and set TOMBKEY and - # TOMBKEYFILE + # TOMBKEYFILE local oldkey=$TOMBKEY local oldkeyfile=$TOMBKEYFILE @@ -1634,7 +1634,7 @@ mount_tomb() { _load_key # Try loading new key from option -k and set TOMBKEYFILE - tombmount=${2:-/media/$TOMBFILE} + tombmount=${2:-/media/$TOMBFILE} [[ -z "$2" ]] && { _message "Mountpoint not specified, using default: ::1 mount point::" $tombmount } @@ -1693,7 +1693,7 @@ mount_tomb() { _cryptsetup luksOpen ${nstloop} ${mapper} [[ -r /dev/mapper/${mapper} ]] || { - _failure "Failure mounting the encrypted file." } + _failure "Failure mounting the encrypted file." } # preserve the loopdev after exit lo_preserve "$nstloop" @@ -1721,7 +1721,7 @@ mount_tomb() { _success "Success opening ::1 tomb file:: on ::2 mount point::" $TOMBFILE $tombmount - local tombtty tombhost tombuid tombuser + local tombtty tombhost tombuid tombuser # print out when was opened the last time, by whom and where [[ -r ${tombmount}/.last ]] && { @@ -1782,11 +1782,11 @@ exec_safe_bind_hooks() { # No HOME set? Note: this should never happen again. [[ -z $HOME ]] && { - _warning "How pitiful! A tomb, and no HOME." - return 1 } + _warning "How pitiful! A tomb, and no HOME." + return 1 } [[ -z $mnt || ! -d $mnt ]] && { - _warning "Cannot exec bind hooks without a mounted tomb." + _warning "Cannot exec bind hooks without a mounted tomb." return 1 } [[ -r "$mnt/bind-hooks" ]] || { @@ -1825,7 +1825,7 @@ exec_safe_bind_hooks() { _warning "bind-hook source not found in tomb, skipping ::1 mount point::/::2 subdir::" $mnt $dir else mount -o bind,$MOUNTOPTS $mnt/$dir $HOME/${maps[$dir]} \ - && mounted+=("$HOME/${maps[$dir]}") + && mounted+=("$HOME/${maps[$dir]}") fi done } @@ -1847,7 +1847,7 @@ exec_safe_post_hooks() { # Only run if post-hooks has the executable bit set [[ -x $mnt/post-hooks ]] || return - # If the file starts with a shebang, run it. + # If the file starts with a shebang, run it. cat $mnt/post-hooks | head -n1 | grep '^#!\s*/' &> /dev/null [[ $? == 0 ]] && { _success "Post hooks found, executing as user ::1 user name::." $USERNAME @@ -1865,7 +1865,7 @@ list_tombs() { local tombname tombmount tombfs tombfsopts tombloop local ts tombtot tombused tombavail tombpercent tombp tombsince - local tombtty tombhost tombuid tombuser + local tombtty tombhost tombuid tombuser # list all open tombs mounted_tombs=(`list_tomb_mounts $1`) [[ ${#mounted_tombs} == 0 ]] && { @@ -1959,7 +1959,7 @@ BEGIN { main="" } } || { # list a specific tomb mount -l \ - | awk -vtomb="[$1]" ' + | awk -vtomb="[$1]" ' BEGIN { main="" } /^\/dev\/mapper\/tomb/ { if($7!=tomb) next; @@ -2021,10 +2021,10 @@ index_tombs() { mounted_tombs=(`list_tomb_mounts $1`) [[ ${#mounted_tombs} == 0 ]] && { - # Considering one tomb + # Considering one tomb [[ -n "$1" ]] && { - _failure "There seems to be no open tomb engraved as [::1::]" $1 } - # Or more + _failure "There seems to be no open tomb engraved as [::1::]" $1 } + # Or more _failure "I can't see any open tomb, may they all rest in peace." } _success "Creating and updating search indexes." @@ -2155,13 +2155,13 @@ search_tombs() { _message "Searching filenames in tomb ::1 tomb name::" $tombname locate -d ${tombmount}/.updatedb -e -i "${(f)@}" _message "Matches found: ::1 matches::" \ - $(locate -d ${tombmount}/.updatedb -e -i -c ${(f)@}) + $(locate -d ${tombmount}/.updatedb -e -i -c ${(f)@}) # Use swish-e to search over contents [[ $SWISH == 1 && -r $tombmount/.swish ]] && { - _message "Searching contents in tomb ::1 tomb name::" $tombname - swish-e -w ${=@} -f $tombmount/.swish -H0 } - } || { + _message "Searching contents in tomb ::1 tomb name::" $tombname + swish-e -w ${=@} -f $tombmount/.swish -H0 } + } || { _warning "Skipping tomb ::1 tomb name::: not indexed." $tombname _warning "Run 'tomb index' to create indexes." } done @@ -2233,7 +2233,7 @@ resize_tomb() { _cryptsetup luksOpen ${nstloop} ${mapper} [[ -r /dev/mapper/${mapper} ]] || { - _failure "Failure mounting the encrypted file." } + _failure "Failure mounting the encrypted file." } cryptsetup resize "${mapper}" || { _failure "cryptsetup failed to resize ::1 mapper::" $mapper } @@ -2273,7 +2273,7 @@ umount_tomb() { [[ ${#mounted_tombs} -gt 1 && -z "$1" ]] && { _warning "Too many tombs mounted, please specify one (see tomb list)" _warning "or issue the command 'tomb close all' to close them all." - _failure "Operation aborted." } + _failure "Operation aborted." } for t in ${mounted_tombs}; do mapper=`basename ${t[(ws:;:)1]}` @@ -2294,15 +2294,15 @@ umount_tomb() { [[ -n $SLAM ]] && { _success "Slamming tomb ::1 tomb name:: mounted on ::2 mount point::" \ - $tombname $tombmount + $tombname $tombmount _message "Kill all processes busy inside the tomb." { slam_tomb "$tombmount" } || { _failure "Cannot slam the tomb ::1 tomb name::" $tombname } - } || { + } || { _message "Closing tomb ::1 tomb name:: mounted on ::2 mount point::" \ - $tombname $tombmount } + $tombname $tombmount } - # check if there are binded dirs and close them + # check if there are binded dirs and close them bind_tombs=(`list_tomb_binds $tombname`) for b in ${bind_tombs}; do bind_mapper="${b[(ws:;:)1]}" @@ -2315,12 +2315,12 @@ umount_tomb() { [[ $? == 1 ]] && { _failure "Cannot slam the bind hook ::1 hook::" $bind_mount } umount $bind_mount - } || { + } || { _warning "Tomb bind hook ::1 hook:: is busy, cannot close tomb." $bind_mount } } done - # Execute post-hooks for eventual cleanup + # Execute post-hooks for eventual cleanup { option_is_set -n } || { exec_safe_post_hooks ${tombmount%%/} close } @@ -2328,17 +2328,17 @@ umount_tomb() { umount ${tombmount} [[ $? = 0 ]] || { _warning "Tomb is busy, cannot umount!"; return 1 } - # If we used a default mountpoint and is now empty, delete it - [[ "$tombmount" == "/media/$tombname.tomb" ]] && { rmdir $tombmount } + # If we used a default mountpoint and is now empty, delete it + [[ "$tombmount" == "/media/$tombname.tomb" ]] && { rmdir $tombmount } cryptsetup luksClose $mapper - [[ $? == 0 ]] || { + [[ $? == 0 ]] || { _failure "Error occurred in cryptsetup luksClose ::1 mapper::" $mapper } - # Normally the loopback device is detached when unused + # Normally the loopback device is detached when unused [[ -e "/dev/$tombloop" ]] && losetup -d "/dev/$tombloop" [[ $? = 0 ]] || { - _verbose "/dev/$tombloop was already closed." } + _verbose "/dev/$tombloop was already closed." } _success "Tomb ::1 tomb name:: closed: your bones will rest in peace." $tombname @@ -2434,7 +2434,7 @@ main() { subcommands_opts[source]="" subcommands_opts[resize]="-ignore-swap s: -size=s k: -tomb-pwd: " subcommands_opts[check]="-ignore-swap " -# subcommands_opts[translate]="" + # subcommands_opts[translate]="" ### Detect subcommand local -aU every_opts #every_opts behave like a set; that is, an array with unique elements @@ -2445,20 +2445,20 @@ main() { done local -a oldstar oldstar=("${(@)argv}") - #### detect early: useful for --optiion-parsing + #### detect early: useful for --optiion-parsing zparseopts -M -D -Adiscardme ${every_opts} - if [[ -n ${(k)discardme[--option-parsing]} ]]; then - print $1 - if [[ -n "$1" ]]; then - return 1 - fi - return 0 + if [[ -n ${(k)discardme[--option-parsing]} ]]; then + print $1 + if [[ -n "$1" ]]; then + return 1 fi - unset discardme + return 0 + fi + unset discardme if ! zparseopts -M -E -D -Adiscardme ${every_opts}; then - _failure "Error parsing." - return 127 - fi + _failure "Error parsing." + return 127 + fi unset discardme subcommand=$1 if [[ -z $subcommand ]]; then @@ -2527,7 +2527,7 @@ main() { [[ -z $_UID ]] || { _verbose "Caller: uid[::1 uid::], gid[::2 gid::], tty[::3 tty::]." \ - $_UID $_GID $_TTY + $_UID $_GID $_TTY } _verbose "Temporary directory: $TMPPREFIX" @@ -2535,51 +2535,51 @@ main() { # Process subcommand case "$subcommand" in - # USAGE + # USAGE help) usage ;; - # DEPRECATION notice (leave here as 'create' is still present in old docs) + # DEPRECATION notice (leave here as 'create' is still present in old docs) create) _warning "The create command is deprecated, please use dig, forge and lock instead." _warning "For more informations see Tomb's manual page (man tomb)." - _failure "Operation aborted." + _failure "Operation aborted." ;; - # CREATE Step 1: dig -s NN file.tomb + # CREATE Step 1: dig -s NN file.tomb dig) check_priv dig_tomb ${=PARAM} ;; - # CREATE Step 2: forge file.tomb.key + # CREATE Step 2: forge file.tomb.key forge) check_priv forge_key ${=PARAM} ;; - # CREATE Step 2: lock -k file.tomb.key file.tomb + # CREATE Step 2: lock -k file.tomb.key file.tomb lock) check_priv lock_tomb_with_key ${=PARAM} ;; - # Open the tomb + # Open the tomb mount|open) check_priv mount_tomb $PARAM[1] $PARAM[2] ;; - # Close the tomb - # `slam` is used to force closing. + # Close the tomb + # `slam` is used to force closing. umount|close|slam) check_priv [[ "$subcommand" == "slam" ]] && SLAM=1 umount_tomb $PARAM[1] ;; - # Grow tomb's size + # Grow tomb's size resize) [[ $RESIZER == 0 ]] && { _failure "Resize2fs not installed: cannot resize tombs." } @@ -2587,53 +2587,53 @@ main() { resize_tomb $PARAM[1] ;; - ## Contents manipulation + ## Contents manipulation - # Index tomb contents + # Index tomb contents index) index_tombs $PARAM[1] - ;; + ;; - # List tombs + # List tombs list) list_tombs $PARAM[1] ;; - # Search tomb contents + # Search tomb contents search) search_tombs ${=PARAM} ;; - ## Locking operations + ## Locking operations - # Export key to QR Code + # Export key to QR Code engrave) [[ $QRENCODE == 0 ]] && { _failure "QREncode not installed: cannot engrave keys on paper." } engrave_key ${=PARAM} ;; - # Change password on existing key + # Change password on existing key passwd) check_priv change_passwd $PARAM[1] ;; - # Change tomb key + # Change tomb key setkey) check_priv change_tomb_key ${=PARAM} ;; - # STEGANOGRAPHY: hide key inside an image + # STEGANOGRAPHY: hide key inside an image bury) [[ $STEGHIDE == 0 ]] && { _failure "Steghide not installed: cannot bury keys into images." } bury_key $PARAM[1] ;; - # STEGANOGRAPHY: read key hidden in an image - exhume) + # STEGANOGRAPHY: read key hidden in an image + exhume) [[ $STEGHIDE == 0 ]] && { _failure "Steghide not installed: cannot exhume keys from images." } exhume_key $PARAM[1] @@ -2641,45 +2641,45 @@ main() { ## Internal commands useful to developers - # Make tomb functions available to the calling shell or script + # Make tomb functions available to the calling shell or script 'source') return 0 ;; - # Ask user for a password interactively + # Ask user for a password interactively askpass) ask_password $PARAM[1] $PARAM[2] ;; - # Default operation: presentation, or version information with -v + # Default operation: presentation, or version information with -v __default) -_print "Tomb ::1 version:: - a strong and gentle undertaker for your secrets" $VERSION -_print "\000" -_print " Copyright (C) 2007-2014 Dyne.org Foundation, License GNU GPL v3+" -_print " This is free software: you are free to change and redistribute it" -_print " For the latest sourcecode go to <http://dyne.org/software/tomb>" -_print "\000" + _print "Tomb ::1 version:: - a strong and gentle undertaker for your secrets" $VERSION + _print "\000" + _print " Copyright (C) 2007-2014 Dyne.org Foundation, License GNU GPL v3+" + _print " This is free software: you are free to change and redistribute it" + _print " For the latest sourcecode go to <http://dyne.org/software/tomb>" + _print "\000" option_is_set -v && { -_print " This source code is distributed in the hope that it will be useful," -_print " but WITHOUT ANY WARRANTY; without even the implied warranty of" -_print " MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." -_print " When in need please refer to <http://dyne.org/support>." -_print "\000" -_print "System utils:" -_print "\000" -cat <<EOF + _print " This source code is distributed in the hope that it will be useful," + _print " but WITHOUT ANY WARRANTY; without even the implied warranty of" + _print " MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + _print " When in need please refer to <http://dyne.org/support>." + _print "\000" + _print "System utils:" + _print "\000" + cat <<EOF `sudo -V | head -n1` `cryptsetup --version` `pinentry --version` `gpg --version | head -n1` - key forging algorithms (GnuPG symmetric ciphers): `list_gnupg_ciphers` EOF -_print "\000" -_print "Optional utils:" -_print "\000" -_list_optional_tools version -return 0 + _print "\000" + _print "Optional utils:" + _print "\000" + _list_optional_tools version + return 0 } usage ;; - # Reject unknown command and suggest help + # Reject unknown command and suggest help *) _warning "Command \"::1 subcommand::\" not recognized." $subcommand _message "Try -h for help."